Vulnerabilities > NEC > Univerge Sv8500 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-01-13 CVE-2020-5686 Improper Authentication vulnerability in NEC Univerge Sv8500 Firmware and Univerge Sv9500 Firmware
Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature and obtain the information by sending a specially crafted request to a specific URL.
network
low complexity
nec CWE-287
7.5
7.5
2021-01-13 CVE-2020-5685 OS Command Injection vulnerability in NEC Univerge Sv8500 Firmware and Univerge Sv9500 Firmware
UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted request to a specific URL.
network
low complexity
nec CWE-78
critical
 9.8
9.8